<?
/*
%%%copyright%%%
 * phpMyTicket - ticket reservation system
 * Copyright (C) 2004-2005 Anna Putrino, Stanislav Chachkov. All rights reserved.
 *
 * This file is part of phpMyTicket.
 *
 * This file may be distributed and/or modified under the terms of the
 * "GNU General Public License" version 2 as published by the Free
 * Software Foundation and appearing in the file LICENSE included in
 * the packaging of this file.
 *
 * Licencees holding a valid "phpmyticket professional licence" version 1
 * may use this file in accordance with the "phpmyticket professional licence"
 * version 1 Agreement provided with the Software.
 *
 * This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING
 * THE WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE.
 *
 * The "phpmyticket professional licence" version 1 is available at
 * http://www.phpmyticket.com/ and in the file
 * PROFESSIONAL_LICENCE included in the packaging of this file.
 * For pricing of this licence please contact us via e-mail to 
 * info@phpmyticket.com.
 * Further contact information is available at http://www.phpmyticket.com/
 *
 * The "GNU General Public License" (GPL) is available at
 * http://www.gnu.org/copyleft/gpl.html.
 *
 * Contact info@phpmyticket.com if any conditions of this licencing isn't 
 * clear to you.
 
 */
?>
<?

require_once("classes/Order.php");
require_once("classes/Ticket.php");


class Order_Smarty {

  var $user_auth_id;

  function Order_Smarty (&$smarty){
   global $_SHOP;
   $smarty->register_object("order",$this,null,true,array("order_list","tickets"));
   $smarty->assign_by_ref("order",$this);
   
   if(isset($_SESSION['_SHOP_USER_AUTH']['user_id'])) {
     $this->user_auth_id=$_SESSION['_SHOP_USER_AUTH']['user_id'];
   }
 }
	
  function vieworder($params) {
	$user_id=$params['user_id'];
	require_once("classes/userorder.php");
	_vieworder($user_id);
	return;
}

  /// To reserve, set the handling to '1'
  function make ($params,&$smarty){

    function _order_error ($error,&$smarty){
      $smarty->assign('order_error',$error);  
    }

    global $_SHOP;
  	// handling method gets passed from param to var.
    $handling=$params['handling'];
	
	if($params['place']){
		$place=$params['place'];
	}
	if($params['no_cost']){
		$no_cost=$params['no_cost'];
	}
    if($params['user_id']){
      $user_id=$params['user_id'];
    }else{
      $user_id=$_SESSION['_SHOP_USER']['user_id'];
    }  
    if($params['no_fee']){
     $no_fee=$params['no_fee'];
    }
    $cart=$_SESSION['cart'];

    if(!$handling or !$user_id or !$cart or !$cart->can_checkout()){
      _order_error(reservate_failed,$smarty);
      return;
    }
  
    require_once("functions/order_func.php");
    require_once("classes/ShopDB.php");

    //compile order (order and tickets) from the shopping cart in order_func.php
    $order= cart_to_order($cart,$user_id,session_id(),$handling,$_SHOP->organizer_id,$no_fee,$no_cost,$place); 
 
    //begin the transaction 
    if(!ShopDB::begini()){
      _order_error(reservate_failed,$smarty);
      return; 
    }

/*
    //move places from reserved to ordered state
    if(!command($order,session_id(),$user_id)){
      _order_error(reservate_failed,$smarty);
      ShopDB::rollback();
      return;
    } 
*/
      
    //put the order into database     
    if(!$order_id=$order->save()){
      _order_error(save_failed,$smarty);
      ShopDB::rollbacki();
      return; 
    }

	//    require_once('classes/Handling.php');
	//    $hand=Handling::load($order->order_handling_id);
    $query="UPDATE `User` 
			SET user_order_total=user_order_total+1 
			WHERE user_id=".ShopDB::quotei($user_id);
	if(!$res=ShopDB::queryi($query)){
		_order_error(user_failed,$smarty);
		ShopDB::rollbacki();
	}
    

    //commit the transaction      
    ShopDB::commiti();

  
    $smarty->assign('order_success',true);
    $smarty->assign('order_id',$order_id);
    $smarty->assign('order_fee',$order->order_fee);
    $smarty->assign('order_total_price',$order->order_total_price);
    $smarty->assign('order_partial_price',$order->order_partial_price);
    $smarty->assign('order_tickets_nr',$order->size());
    $smarty->assign('order_shipment_mode',$order->order_shipment_mode);
    $smarty->assign('order_payment_mode',$order->order_payment_mode);

    foreach($order->places as $ticket){
      $seats[$ticket->seat_id]=TRUE;
    }
    $smarty->assign('order_seats_id',$seats);

  }
  	function res_to_order($params,&$smarty){
  		$order_id=$params['order_id'];
  		$handling_id=$params['handling_id'];
  		//if(($order_id=$this->secure_url_param($params['order_id']))<=1){return;}
  		//if(($handling_id=$this->secure_url_param($params['handling_id']))<=1){return;}
  		if($params['no_cost']===true){$no_cost=true;}
  		if($params['no_fee']===true){$no_fee=true;}
  		if($params['place']!='pos'){$place='www';}else{$place='pos';}
		
		$this->res_to_order_f($order_id,$handling_id,$no_fee,$no_cost,$place);
		
		$smarty->assign('order_success',true);
	}
	function res_to_order_f($order_id,$handling_id,$no_fee,$no_cost,$place){
		global $_SHOP;
		return Order::reserve_to_order($order_id,$handling_id,$no_fee,$no_cost,$place,$_SHOP->organizer_id);
	}
    
  function cancel ($params,&$smarty){
    $this->cancel_f($params['order_id']); 
  }
  
  function cancel_f ($order_id){
    global $_SHOP;
    return Order::order_delete($order_id,$_SHOP->organizer_id,$this->user_auth_id);
  }
  
  function delete_ticket ($params,&$smarty){
    $this->delete_ticket_f($params['order_id'],$params['ticket_id']); 
  }
  
  function delete_ticket_f ($order_id,$ticket_id){
    global $_SHOP;
    return Order::order_delete_ticket($order_id,$ticket_id,$_SHOP->organizer_id,$this->user_auth_id);
  }

  function order_list ($params, $content, &$smarty,&$repeat){
    require_once("classes/ShopDB.php");
    
    if ($repeat) {
			
      $from='from `Order`';
      
		if($params['user_id']){
			$user_id=$this->secure_url_param($params['user_id']);
			$where="where order_user_id='{$user_id}' AND Order.order_status!='trash'";
		}/*else if($this->user_auth_id){
   			$where="where order_user_id='{$this->user_auth_id}' AND Order.order_status!='trash'";
		}*/else{
			  $where="where 1 AND Order.order_status!='trash'";
		}
			
	  if($params['user']){
		  $from.=',User';
			$where.=' and order_user_id=user_id';
		}
	  if($params['place']) {
	  	$where .=" and order_place='{$params['place']}'";
	  }
	  	
      if($params['order']){
        $order_by="order by Shop::{$params['order']}";
      }
    
      if($params['order_id']){
		$order_id=$this->secure_url_param($params['order_id']);
    	$where .= " and order_id='{$order_id}'";
      }
      if($params['order_by_date']){
		$order_by .= " ORDER BY order_date {$params['order_by_date']}";
	  }

      if($params['start_date']){
        $where .= " and order_date>='{$params['start_date']}'";      
      }
    
      if($params['end_date']){
        $where .= " and order_date<='{$params['end_date']}'";      
      }
    
      if($params['first']){
      	$first=$this->secure_url_param($params['first']);
        $limit='limit '.$first;
	    
		if($params['length']){
	      $limit.=','.$params['length'];
		}
      }else if($params['length']){
        $limit='limit 0,'.$params['length'];
      }
    
  
      $query="select * $from $where $order_by $limit";
    
      $res=ShopDB::queryi($query);
    
      $order=mysqli_fetch_array($res);
    
    }else{
      $res=array_pop($smarty->_SHOP_db_res);
      if(isset($res)){
	  	$order=mysqli_fetch_array($res);
	  }
    }

	if($params['all']){

      if(!empty($order)){
      	$c=1;
       	$orders[]=$order;
       	while($order=mysqli_fetch_array($res)){
          $orders[]=$order;$c++;
		} 
		$smarty->assign("shop_orders",$orders);  
    	$smarty->assign("shop_orders_count",$c);  
	  }
     
     $repeat=FALSE;
     return $content;
    
    }else{

      $repeat=!empty($order);

      if($order){
        $smarty->assign("shop_order",$order);  
        $smarty->_SHOP_db_res[]=$res;
        
		$query="SELECT * FROM User WHERE user_id={$order['order_user_id']}";
		$res=ShopDB::queryi($query);
		$user=mysqli_fetch_array($res);
		if($user){
	  	  $smarty->assign("user_order",$user);
		}
      }
    }
    return $content;
    
  }
  
  function tickets ($params, $content, &$smarty,&$repeat){
    require_once("classes/ShopDB.php");
    
    if ($repeat) {
      if(!$params['order_id']){
        $repeat=FALSE;
				return;
      }
      $order_id=$this->secure_url_param($params['order_id']);
				
      $from='FROM Seat LEFT JOIN Discount ON seat_discount_id=discount_id 
	  					LEFT JOIN Event ON seat_event_id=event_id 
						LEFT JOIN Category ON seat_category_id= category_id
						LEFT JOIN PlaceMapZone ON Seat.seat_zone_id=pmz_id';
      $where=" where seat_order_id='{$order_id}'";
	  
	  if($params['user_id']) {
		$where.=" and seat_user_id='{$this->user_auth_id}'";
	  }
	  if($params['place']) {
	  	$where .=" and order_place='{$params['place']}'";
	  }
      if($params['order']){
        $order_by="order by {$params['order']}";
      } 
    
      if($params['limit']){
      	$length=$this->secure_url_param($params['limit']);
        $limit='limit '.$length;
      }
    
      $query="select * $from $where $order_by $limit";
    
      $res=ShopDB::queryi($query);
    
      $ticket=mysqli_fetch_array($res);
    
    }else{
      $res=array_pop($smarty->_SHOP_db_res);
      $ticket=mysqli_fetch_array($res);
    }

    if($params['all']){
	 
	 $repeat=!empty($ticket);
     if($ticket){
       $c=1;
       $tickets[]=$ticket;
       while($ticket=mysqli_fetch_array($res)){
         $tickets[]=$ticket;$c++;
       } 
     	
       $smarty->assign("shop_tickets",$tickets);  
       $smarty->assign("shop_tickets_count",$c);  
     }
	 return $content;  
    }elseif($params['min_date']){
		$repeat=!empty($ticket);
		if($ticket){
	    	$c=1;
	    	$min_date=true;
	       	while($ticket=mysqli_fetch_array($res)){
	        	$c++;
	        	$min_date=min($ticket['event_date'],$min_date);
			} 
	    $smarty->assign("shop_tickets_count",$c);
		$smarty->assign("shop_ticket_min_date",$min_date);
	    }
	    return $content;
    }else{

      $repeat=!empty($ticket);

      if($ticket){
        $smarty->assign("shop_ticket",$ticket);  
        //print_r($ticket);
		$smarty->_SHOP_db_res[]=$res; 
      
      }
    }
    return $content;
    
  }
  function set_reserved ($params,&$smarty){
    $this->set_reserved_f($params['order_id']);
  }
  
  function set_reserved_f ($order_id){
    global $_SHOP;
    return Order::set_reserved($order_id, $_SHOP->organizer_id, $this->user_auth_id);
  }
  
  function set_payed ($params,&$smarty){
    $this->set_payed_f($params['order_id']);
  }
  
  function set_payed_f ($order_id){
    global $_SHOP;
    return Order::set_payed($order_id, $_SHOP->organizer_id, $this->user_auth_id);
  }
  
  function order_print ($params,&$smarty){

    require_once("functions/order_func.php");
    if($params['print_prefs']=='pdf'){
      $print=FALSE;
    }else{
      $print=TRUE;
    }
    
    print_order($params['order_id'],'','stream',$print);    
  }
  
  function secure_url_param($num=FALSE, $nonum=FALSE) 
  { 
	if ($num) {
	  $correct = is_numeric($num); 
      if( $correct ) { return $num; } 
      elseif(!$correct ){ 
		echo "No Such ID"; 
      	//$num = cleanNUM($num);
		$num="1"; 
      	return $num; 
      }
    }
    if ($nonum) {
	  $correct = preg_match('/^[a-z0-9_]*$/i', $nonum); 
      //can also use ctype if you wish instead of preg_match 
      //$correct = ctype_alnum($nonum);          
      if($correct) { return $nonum; } 
      elseif(!$correct) { 
	  	echo "No Such Varible";
      	$nonum="This";
      	return $nonum;
	  } 
    } 
  }

}

?>
